Identify people of interest

From pre-attack
Jump to: navigation, search

Identify people of interest
ID PRE-T1046
Tactic People Information Gathering


The attempt to identify people of interest or with an inherent weakness for direct or indirect targeting to determine an approach to compromise a person or organization. Such targets may include individuals with poor OPSEC practices or those who have a trusted relationship with the intended target.12

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Specialty cases enable an adversary to use key words in order to search social media and identify personnel with poor OPSEC practices who may have access to specialized information which would make them a target of interest. In addition, the open nature of social media leads to a tendency among individuals to overshare, encouraging poor OPSEC and increasing the ease by which an adversary can identify interesting targets.


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Common defenses protecting against poor OPSEC practices are traditionally more policy-based in nature rather than technical. Policy-based mitigations are generally more difficult to enforce and track violations, making it more difficult that this technique can be detected by common defenses.